Page MenuHomeFreeBSD
Differential D3871

Allow to fetch interpreter and notes from other places of the executable file
ClosedPublic
Actions

Authored by kib on Oct 12 2015, 8:59 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Jan 25, 3:04 PM
Unknown Object (File)
Fri, Jan 24, 2:06 AM
Unknown Object (File)
Jan 17 2025, 5:28 AM
Unknown Object (File)
Dec 26 2024, 12:35 AM
Unknown Object (File)
Dec 19 2024, 6:48 AM
Unknown Object (File)
Nov 24 2024, 2:31 PM
Unknown Object (File)
Nov 24 2024, 4:48 AM
Unknown Object (File)
Nov 24 2024, 2:30 AM
View All Files
Subscribers
imp
jhb

Details

Reviewers
emaste
jhb
andrew
Commits
rS289324: Allow PT_NOTES segments to be located anywhere in the executable
rS289322: Allow PT_INTERP and PT_NOTES segments to be located anywhere in the
Summary

Currently, the ELF image activator only works with PT_INTERP and PT_NOTE fully contained in the first page of the executable. This is unneccessary restrictive, and more, requires special hacks in the linker. It is not too hard to eliminate the limitation by reading arbirtrary file location to get interpreter path and notes. Still, the interpreter path length is limited by MAXPATHLEN, note segment is supposed to be at most page size (typical size is several dozen of bytes).

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kib updated this revision to Diff 9329.Oct 12 2015, 8:59 AM
kib retitled this revision from to Allow to fetch interpreter and notes from other places of the executable file.
kib updated this object.
kib edited the test plan for this revision. (Show Details)
kib added reviewers: andrew, emaste.
kib set the repository for this revision to rS FreeBSD src repository - subversion.
Herald added a subscriber: imp. · View Herald TranscriptOct 12 2015, 8:59 AM
kib updated this revision to Diff 9330.Oct 12 2015, 11:38 AM

Also handle notes in the rtld.

The misconfigured ld may create executables where phdr is not located in the PT_LOADed region. Such image segfaults in rtld during activation; patch does not help there.

emaste added inline comments.Oct 12 2015, 11:40 AM
sys/kern/imgact_elf.c
794–795 ↗(On Diff #9329)

could you use just the 2nd check (assuming no overflow issues)

798 ↗(On Diff #9329)

any reason you don't want to use a separate buf here as you did with notes?

2164 ↗(On Diff #9329)

can we now support p_filesz > PAGE_SIZE?

kib added inline comments.Oct 12 2015, 12:07 PM
sys/kern/imgact_elf.c
794–795 ↗(On Diff #9330)

We need to detect either start or end of phdr falling outside of the first page. I do not see how second condition alone is enough. Note that we could get overflow if p_offset is outside the first page, and then the second condition is true.

798 ↗(On Diff #9330)

Done.

2164 ↗(On Diff #9330)

We can, sure. But as I said in the annotation, typical notes segment is around twenty bytes, we only have two or three (on arm) notes defined, with 4-byte payload. We can put almost arbitrary limit there after the patch, but some limit must be present.

kib updated this revision to Diff 9332.Oct 12 2015, 12:08 PM

Use interp_buf.

kib added inline comments.Oct 12 2015, 12:17 PM
sys/kern/imgact_elf.c
793–794 ↗(On Diff #9332)

You probably mean this:

			if (phdr[i].p_offset + interp_name_len > PAGE_SIZE) {

But it still can overflow.

emaste added inline comments.Oct 12 2015, 12:45 PM
sys/kern/imgact_elf.c
2162 ↗(On Diff #9332)

Fair enough. On first glance it just seems like PAGE_SIZE is an inherent limit of the mechanism, not a somewhat arbitrary but convenient limit.

emaste accepted this revision.Oct 13 2015, 7:26 PM
emaste edited edge metadata.
emaste added a subscriber: jhb.

This looks fine to me.
Perhaps @jhb would like to look as well?

This revision is now accepted and ready to land.Oct 13 2015, 7:26 PM
jhb accepted this revision.Oct 14 2015, 5:38 PM
jhb added a reviewer: jhb.

Looks fine to me in general, just a few suggestions.

libexec/rtld-elf/map_object.c
161 ↗(On Diff #9332)

Can you use MAP_FAILED here?

199 ↗(On Diff #9332)

I see this doesn't use MAP_FAILED either (though it uses a caddr_t cast instead of (char *)), but I think it would be best to use MAP_FAILED in new changes and eventually use it in all of rtld.

320 ↗(On Diff #9332)

And here?

sys/kern/imgact_elf.c
2162 ↗(On Diff #9332)

Might be fine to note that in a comment above this line then. ("We need some limit, might as well use PAGE_SIZE.")

emaste added inline comments.Oct 14 2015, 5:53 PM
sys/kern/imgact_elf.c
2162 ↗(On Diff #9332)

Right - the explanation from the Phabricator summary above could go in a comment here.

kib updated this revision to Diff 9389.Oct 14 2015, 6:14 PM
kib edited edge metadata.

Use MAP_FAILED, add comment about PAGE_SIZE limit.

This revision now requires review to proceed.Oct 14 2015, 6:14 PM
emaste accepted this revision.Oct 14 2015, 6:15 PM
emaste edited edge metadata.
This revision is now accepted and ready to land.Oct 14 2015, 6:15 PM
Closed by commit rS289322: Allow PT_INTERP and PT_NOTES segments to be located anywhere in the (authored by kib). · Explain WhyOct 14 2015, 6:27 PM
This revision was automatically updated to reflect the committed changes.
jtl mentioned this in D4692: Only allow one PT_INTERP ELF program header.Dec 23 2015, 3:58 AM

Revision Contents
Changeset List

PathSize
head/
sys/
kern/
140 lines

Diff 9390

View Options

head/sys/kern/imgact_elf.c

Loading...